Kubernetes quick start¶
This page is for people who are familiar with Kubernetes in general, and want to start using it as quickly as possible.
Requesting access¶
In order to obtain access to Kubernetes, please submit a Kubernetes request . Alternatively you can email your request to support@hpc.ut.ee .
Polices set access at the tenant/namespace level. This means that you get a namespace and give access to that specific namespace, mostly with administrator permissions.
UTHPC uses a kubeconfig
file to permit access to Kubernetes. Certificate and token are inside kubeconfig
file. This means you need to have kubectl
installed. Users usually get access via their ETAIS
account.
Using ETAIS access¶
Kubernetes allows access via the MyAccessID authentication system. This is the easiest way to obtain access to the cluster, as everyone shares the same KUBECONFIG
file.
You should still write to support@hpc.ut.ee to get necessary permissions though, as by default, a user has no permissions inside the cluster.
Authenticating via MyAccessID requires completing three additional steps:
- Install the kubelogin
kubectl
plugin. This is required to authenticate with MyAccessID. - Add the shared
KUBECONFIG
file to your local computer (below). If you add it to~/.kube/config
, which is automatically used for allkubectl
commands. - When using this configuration for
kubectl
, the first command you enter opens a browser window. You can login explicitly also with thekubectl oidc-login login
command. - Inside this browser window you can login with any institution's credentials. Upon success, you'll have access to the cluster.
kubectl
configuration
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1ekNDQWMrZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01Ea3hOVEV3TlRFek1Gb1hEVE13TURreE16RXdOVEV6TUZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTkt5CnBtNy9BVmFPQStnT1BEQzBtekZ6d0pzRUw3ZkRMN0taR3R1Y3RycUJIR3JaL0MyZ2pJbEpwN2pCZ0FDU0E2eW4KNEhqNXk0UTdTN0s0R0JhbGNya3QrV2duMkwyckxKK0NUYXhiYmh4alczRDR6dEdtanhJTUFSeXRUV2xDL1ZtVAphTUtCZ3pmTFY5LzBPNUxtM1J4cEFMbm9MN1dUS3lyTmxGR29aSWUxbTVjK0JyenZmZjRKa2dmYWVucEw3Uk5CCjM5TDRvQ3NVdFNXeDZUVGNSN25JTHRiUXZZV0doYnE2UHRzS3BDcmxzMXlSazJDS1QwQUI5akFKMHhzakxkckgKZVZEOFROUFl1aEhBRVhLSVZUenVNUm92Q29DZVVnK002Nk9MNHpJem81aFZadFJJRWtkNi9wSTI1NmpsNVFDMQpJZW5KTDFpK2VwazJvQWpac1RNQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZNRTRpQldSS0ptRTFaZEFJOTZGbXYzdWdSdkZNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFERXdBem0zd1BIcDcwcFhObHdzNmhTV2ZIRWQ1b1prOWlTSzFMTVhFNm4vZHBCQkhiagpMOUVyVlBnWXlpeFFzZFIwZEtKUEZYQlh5dDlERllPVzJqTzRRMUFBVks1U3RTMjk5K3lZUDBIS1ZrZU5STE40Cm1wbDE0Zy9xNW1mR05pRlIzVm93cmFoR3ZQc1R6bVhScTNMd1pHbFZFSXNRR2w5elhYaVZoV29FTllVN2JTa1IKM0FxS0dQc2VDTmRmTTE3TzVZTno0cUw4VDA1Q21zZ1V3dlUrSU5CdFFIcmxXQVhQN2wyR3h5NzBDdmlxUXh2Qgp2d3NaVkpkcXdJMEg0c3ZWNW5FbElLM2dGY2hsTWoxS2k2RTJORGJNRmY4aWNQc2kxTFo1dllHUnVDVEN2QmgrCnd4eVQwekxRd1A4STBiNWZ5V1V3WnBzMmErcVR3V2xxRVpjdgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://kubernetes.hpc.ut.ee:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: etais-user
name: etais-user@kubernetes
current-context: etais-user@kubernetes
kind: Config
preferences: {}
users:
- name: etais-user
user:
exec:
apiVersion: client.authentication.k8s.io/v1beta1
args:
- oidc-login
- get-token
- --oidc-issuer-url=https://keycloak.hpc.ut.ee/realms/ETAIS
- --oidc-client-id=kubernetes.hpc.ut.ee
- --oidc-use-pkce
command: kubectl
env: null
provideClusterInfo: false
Explore key concepts¶
For a deeper understanding of how to use the full potential of the Kubernetes environment, please explore the detailed concept guides. These guides provide explanations and examples into how the managed Kubernetes service is set up.
Available guides¶
- Databases - Learn how to deploy and manage databases within the managed Kubernetes cluster.
- Ingress - Discover how to set up and configure Ingress objects to manage external access to your applications.
- Load Balancers - Understand the setup and usage of
LoadBalancer
service to manage external access to your applications. - Using storage - Learn how to keep data across
Pod
restarts, persistently. - GPU Usage - Explore how to utilize GPUs within the cluster for computing-intensive applications.
- CI/CD Integration - Get insights into integrating continuous integration and continuous deployment pipelines with UTHPC Kubernetes infrastructure.
Each guide is designed to provide you with the knowledge needed to effectively use and manage the relevant Kubernetes resources. If you're missing some specific feature, feel free to ask HPC support. New operators and extra configurations can be added on request, if it does not negatively impact the cluster's security or usability.
Billing¶
[ALPHA]
Billing is still in [ALPHA]
status, meaning it's not properly done. For now, Kubernetes billing works on agreement basis, but we are working towards implementing an understandable and transparent billing structure.